diff --git a/gtests/ssl_gtest/ssl_recordsize_unittest.cc b/gtests/ssl_gtest/ssl_recordsize_unittest.cc
index 8926b5551e..a185104404 100644
--- a/gtests/ssl_gtest/ssl_recordsize_unittest.cc
+++ b/gtests/ssl_gtest/ssl_recordsize_unittest.cc
@@ -266,6 +266,27 @@ TEST_P(TlsConnectTls13, RecordSizeCiphertextExceed) {
   server_->CheckErrorCode(SSL_ERROR_RECORD_OVERFLOW_ALERT);
 }
 
+TEST_F(TlsConnectStreamTls13, ClientHelloF5Padding) {
+  EnsureTlsSetup();
+  ScopedPK11SlotInfo slot(PK11_GetInternalSlot());
+  ScopedPK11SymKey key(
+      PK11_KeyGen(slot.get(), CKM_NSS_CHACHA20_POLY1305, nullptr, 32, nullptr));
+
+  auto filter =
+      MakeTlsFilter<TlsHandshakeRecorder>(client_, kTlsHandshakeClientHello);
+
+  // Add PSK with label long enough to push CH length into [256, 511].
+  std::vector<uint8_t> label(100);
+  EXPECT_EQ(SECSuccess,
+            SSL_AddExternalPsk(client_->ssl_fd(), key.get(), label.data(),
+                               label.size(), ssl_hash_sha256));
+  StartConnect();
+  client_->Handshake();
+
+  // Filter removes the 4B handshake header.
+  EXPECT_EQ(508UL, filter->buffer().len());
+}
+
 // This indiscriminately adds padding to application data records.
 class TlsRecordPadder : public TlsRecordFilter {
  public:
diff --git a/lib/ssl/ssl3ext.c b/lib/ssl/ssl3ext.c
index 199cf459ae..cdbb803fab 100644
--- a/lib/ssl/ssl3ext.c
+++ b/lib/ssl/ssl3ext.c
@@ -837,9 +837,6 @@ ssl_SendEmptyExtension(const sslSocket *ss, TLSExtensionData *xtnData,
 static unsigned int
 ssl_CalculatePaddingExtLen(const sslSocket *ss, unsigned int clientHelloLength)
 {
-    unsigned int recordLength = 1 /* handshake message type */ +
-                                3 /* handshake message length */ +
-                                clientHelloLength;
     unsigned int extensionLen;
 
     /* Don't pad for DTLS, for SSLv3, or for renegotiation. */
@@ -853,11 +850,11 @@ ssl_CalculatePaddingExtLen(const sslSocket *ss, unsigned int clientHelloLength)
      * the ClientHello doesn't have a length between 256 and 511 bytes
      * (inclusive). Initial ClientHello records with such lengths trigger bugs
      * in F5 devices. */
-    if (recordLength < 256 || recordLength >= 512) {
+    if (clientHelloLength < 256 || clientHelloLength >= 512) {
         return 0;
     }
 
-    extensionLen = 512 - recordLength;
+    extensionLen = 512 - clientHelloLength;
     /* Extensions take at least four bytes to encode. Always include at least
      * one byte of data if we are padding. Some servers will time out or
      * terminate the connection if the last ClientHello extension is empty. */